fkie_cve-2013-1794
Vulnerability from fkie_nvd
Published
2013-03-14 03:13
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1497402-9268-4A55-B7F3-58247345BD61",
"versionEndIncluding": "1.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "25AA0ACE-A8C6-4234-8EE2-F52438B6F472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E141BE-9ECF-4275-BFBD-E3DBF7D86A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8C85F39C-C8D3-4493-8432-5EE3FB231BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C158198E-8D22-41A8-8C24-8ABBE3354F33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F377FB25-17B5-48A8-BC3C-3E99649C429E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4033D1-2374-429D-8927-F51EDC24E96B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "39308049-0C20-4845-9803-529A85CB9682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CAC63C9E-169F-40B5-A011-2A77B675875D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "D5CC270B-4822-43DB-BD28-50B497EA196A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FAC3B7-9F61-448A-B0F0-D581DCDAC87F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "851DD68F-4272-4A86-A421-8D41FA63FADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F6CEAEF2-855A-4663-B0FE-71EF470FB227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "7986966F-8A0F-4B5F-9C27-39F818782EE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABF69BA-857A-45A0-89DD-02476E93390C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "92E099A9-B50E-4DE6-BB38-982967B3700A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA60762-5259-45C8-98D4-7C4E844FD231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.26:*:*:*:*:*:*:*",
"matchCriteriaId": "378F38A7-422C-4603-8120-42DB91C8B90D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "69AC18EA-7DB6-4F68-95DD-637D557DDF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2041735A-BFB0-4875-937A-B530D2E687B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.29:*:*:*:*:*:*:*",
"matchCriteriaId": "03C7293A-0430-478E-B567-9C8505288F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD8DE00-622E-42DC-B1C7-8B9C1300DEF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FCFBC7-CDEF-402D-8C11-DD3D112B76CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.32:*:*:*:*:*:*:*",
"matchCriteriaId": "22ABC36E-79A7-41A6-8A80-CF3563EE640E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.33:*:*:*:*:*:*:*",
"matchCriteriaId": "9E121D95-158B-446D-BECD-D90D348A8CE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.34:*:*:*:*:*:*:*",
"matchCriteriaId": "C2993321-45A6-496F-ADC3-B83E52B90ADD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.35:*:*:*:*:*:*:*",
"matchCriteriaId": "4EA6732C-6108-40B1-B9D3-D11D9C18B225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.36:*:*:*:*:*:*:*",
"matchCriteriaId": "A93DE322-6843-4C9C-82F2-2E55FC5231DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.37:*:*:*:*:*:*:*",
"matchCriteriaId": "79EE6FA8-2127-4011-8C26-6B7A073F863C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.38:*:*:*:*:*:*:*",
"matchCriteriaId": "52D0C9D5-009C-4153-AB84-1DC3191CAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.39:*:*:*:*:*:*:*",
"matchCriteriaId": "18AAA5FE-D9FE-40A8-804B-C86C2D865958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.50:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCB63E5-D32E-41E3-958D-F1991318CFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF75979-BDA7-46DA-987B-A1D59F95B0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "7FDE6F07-DD16-4075-B7C4-4C3B9A194C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B8EC69-A4CD-42F8-AD25-ACE8DDAE7F02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3B0624-435B-4A06-BC13-5B47C34E11E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "A8F90E76-4EF0-4E12-96F9-1007DF457277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "F3944EFB-9C8C-451E-A339-603FC617A352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.57:*:*:*:*:*:*:*",
"matchCriteriaId": "5B400BB8-53F2-4BC3-842B-42480B52D156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "5A1C5AD7-141A-4932-9A05-994B6CC69AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.59:*:*:*:*:*:*:*",
"matchCriteriaId": "DD49634F-5DA6-4FBA-97EE-936DE63E75C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.60:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC06AB2-1D82-4A0B-9449-F4C72CF5A0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "9E5486E2-B36D-471D-B356-30BA5D8F3AC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.62:*:*:*:*:*:*:*",
"matchCriteriaId": "A386DC5A-0333-4104-8392-014D8BBFF47A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.63:*:*:*:*:*:*:*",
"matchCriteriaId": "32A7E126-F38C-4530-AED8-51FA33C81F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.64:*:*:*:*:*:*:*",
"matchCriteriaId": "ED74E6B6-BAFE-4B98-8DC3-C75C321272C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.65:*:*:*:*:*:*:*",
"matchCriteriaId": "5F5F17B3-CF38-4316-A15C-C2EE362881A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.66:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB2BE97-CE66-4779-B39C-47314BD2F1F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.67:*:*:*:*:*:*:*",
"matchCriteriaId": "03A6D399-7EB8-40B4-9466-B38CE1887AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.68:*:*:*:*:*:*:*",
"matchCriteriaId": "9C112D17-EF66-4C69-BD90-BFB6E15825E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.69:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF96C2F-2F22-4496-9B9D-240D1CEAF07B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.70:*:*:*:*:*:*:*",
"matchCriteriaId": "9C75A947-02E6-4DC0-94CA-06C67A2AB0F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.71:*:*:*:*:*:*:*",
"matchCriteriaId": "0454D60A-8816-4D39-B57F-04F9555200C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.72:*:*:*:*:*:*:*",
"matchCriteriaId": "6E1B6477-930B-4556-B4F4-FECAC862B87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3D3DE7BE-0BF9-46B7-9BA6-FB5157CCD184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.74:*:*:*:*:*:*:*",
"matchCriteriaId": "0A15EA7B-CCDB-496C-BF9E-5D1B072F6ADE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.75:*:*:*:*:*:*:*",
"matchCriteriaId": "D05354C2-8BA9-4FA7-A2C1-D8DC1965D92D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.76:*:*:*:*:*:*:*",
"matchCriteriaId": "3057D5C8-AA27-4C1D-AD5A-66DE010A943E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.77:*:*:*:*:*:*:*",
"matchCriteriaId": "001C25DE-7B10-4E60-9C8A-3F87A8FDA169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.5.78:*:*:*:*:*:*:*",
"matchCriteriaId": "A1EEEF95-F888-4F18-9A66-801CDF190DDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openafs:openafs:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A71A1B-DCDC-4E72-9C46-49919E4F372C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en ciertas utilidades de cliente OpenAFS antes de v1.6.2 que permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un servidor de ficheros larga entrada ACL."
}
],
"id": "CVE-2013-1794",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-03-14T03:13:37.480",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/52342"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/52480"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2013/dsa-2638"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:244"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.openafs.org/pages/security/OPENAFS-SA-2013-001.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/58299"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/52342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/52480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.openafs.org/pages/security/OPENAFS-SA-2013-001.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/58299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82582"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…